David H.

Cybersecurity Leader | Building High-Performance SOC Teams & Scalable Security Operations

Ireland

About

David is a cybersecurity professional with a strong background in threat detection, research, and malware analysis, currently serving as a SOC Manager UK & EMEA at Blue Voyant. He's honed his expertise in analysing and responding to complex cyber threats, leveraging both SOC and threat research roles to safeguard organizations from advanced persistent threats (APTs). At BlueVoyant, David plays a pivotal role in enhancing cybersecurity defenses and maintaining proactive security operations. His previous experience as a Threat Researcher at BlackBerry involved conducting purple teaming exercises, developing and refining EDR rules, and streamlining CI/CD processes to optimize the security of Cylance’s endpoint protection suite. He contributed to Blackberry's Threat Intelligence reports, sharing insights on the latest threat tactics and providing a strategic defense against evolving cyber threats. Additionally, his prior experience as a Senior SOC Analyst at eSentire provided the EDR exposure and skills to excel as a proficient analyst. With a strong foundation in content development from my time at Security Blue Team, he has also created training labs and detailed investigation guides that empower the cybersecurity community with practical knowledge. David's work is driven by a commitment to advancing threat detection capabilities and sharing actionable insights with clients and the security community.

Experience

  • BlueVoyant ()
    • SOC Manager UK & EMEA
      Jan 2026 - Present · 7 mos

    • Interim SOC Manager UK/EU
      Aug 2025 - Jan 2026 · 6 mos

    • SOC Team Lead
      Jun 2025 - Aug 2025 · 3 mos

  • Senior SOC Analyst at eSentire
    Mar 2024 - Feb 2025 · 1 yr

  • BlackBerry ()
    • Threat Researcher
      Jul 2023 - Mar 2024 · 9 mos

      - Aiding in purple teaming engagements and MITRE MDR evaluation testing in order to better defend Blackberry Cylance customers from APT groups with the use of the Cylance Endpoint suite to secure our clients endpoints and networks. - Creating EDR rules to improve Cylance OPTICS detections and telemetry across all tenants. Furthermore, enhancing existing rules to minimise False Positives and False Negatives on the product to improve user adoption. - Creation and Integration of pipelines using Gitlab and CI/CD in order to streamline processes and automate releases of our repository to the product team. Validation was added to minimise the possibility of inaccurate or incorrect rules being pushed to production. - Aided in publication writing and analysis that was uploaded to our Threat Thursday blog/ Threat Intelligence reports to showcase Blackberry’s understanding and ability to defend against current threats.

    • Threat Research Investigations Intern
      Jan 2022 - Jul 2023 · 1 yr 7 mos

      - Performing static and dynamic analysis on unclassified files which resulted in a classification been giving in accordance with findings as to a files maliciousness and capabilities. - Researching into the latest threats and creating rules to prevent our customers from being affected by various campaigns, threat hunting actively on our tenants and writing reports on my analysis for our Threat Research team and Sales Engineers. - Aided in publication writing and analysis that was uploaded to our blog platform to showcase Blackberry’s understanding and ability to defend against current evolving threats.

  • Content Engineer at Security Blue Team
    Apr 2022 - Jun 2022 · 3 mos

    - Creating custom labs focusing on Reverse Engineering and common investigation techniques to solve scenario based questions. - Generating write ups for each lab created which showcased the intended route in which a user is expected to take when tackling labs. - Provided helpful hints to members of the community which aided in understanding and led to completion of investigations with a greater knowledge in the subject area.